NIAP: NIAP CCEVS Announcements
NIAP/CCEVS
  NIAP  »»  Announcements  »»  NIAP Announcements  
NIAP Announcements

  NIAP Policy #5 amd Policy #5 Frequently Asked Questions Updated (06 December 2019)

NIAP CCEVS Policy #5: "Applicability and Relationship of NIST Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Validation Program (CMVP) to NIAP's Common Criteria Evaluation and Validation Scheme (CCEVS)" and "Frequently Asked Questions for NIAP Policy #5" have been updated and published to the NIAP website. An updated CAVP Mapping Document will be forthcoming.  Policy #5, Policy #5 FAQ, and the CAVP mapping document provide clarification and guidance of how NIST's  algorithm and module validations are determined to be acceptable evidence for meeting some PP/cPP assurance activities.

The documents can be  found here:  https://www.niap-ccevs.org/Documents_and_Guidance/policy.cfm

If you have any questions or concerns, please contact us at 410-854-4458 or by email niap@niap-ccevs.org.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1227

  NIAP publishes the Protection Profile Module for VPN Gateways, Version 1.0 (22 November 2019)

NIAP has published the Protection Profile Module for VPN Gateways, Version 1.0, its Supporting Document, and PP-Configuration to the NIAP-Approved PP List.  Products may now be evaluated against the PP-Configuration for Network Device and Virtual Private Network (VPN) Gateways, Version 1.0, dated 22 November 2019. Changes were limited to converting the VPN Gateway Extended Package to PP-Module format for use with NDcPP 2.1 and incorporating all applicable Technical Decisions. Therefore, the Extended Package for VPN Gateways Version 2.1 will sunset on 31 December 2019.

In addition, NIAP is developing the necessary iTC required documentation to request the VPNGW PP-Module be added to the allowed-list for the FW PP-Module. Once approved, a PP-Configuration will be published and another announcement will be sent.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1226

  NIAP Progress Report - Third Quarter 2019 (20 November 2019)

See the NIAP Third Quarter Progress Report   to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1225

  NIAP endorses and publishes the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.3 (23 October 2019)

NIAP has endorsed the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.3 and published the cPP-Module and Supporting Documents to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the PP-Configuration for Network Device and Stateful Traffic Filter Firewalls, Version 1.3, dated 27 September 2019 and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List. This PP-Module replaces the collaborative Protection Profile for Stateful Traffic Filter Firewalls Version 2.0 + Errata 20180314. Changes were limited to converting the cPP to PP-Module format and incorporting all applicable Technical Decisions. Given the minimal changes,  Version 2.0E will sunset on 31 December 2019.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1224

  Configuration Annex for CPP FW 2.0E (27 September 2019)

The Configuration Annex for the collaborative Protection Profile for Stateful Traffic Filter Firewall Version 2.0 + Errata (cpp_fw_2.0e) has been published to the NIAP Protection Profile website. This Annex is consistent with [CNSSI-1253], which requires US National Security Systems to adhere to certain configuration parameters.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1223

Previous Announcements

  PP-Module for SSL/TLS Inspection Proxy v1.0 Published! (29 August 2019)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for SSL/TLS Inspection Proxy. This PP-Module describes the security functionality of SSL/TLS Inspection Proxy and defines functional and assurance requirements for such products. This PP-Module is intended to specify the functionality of a network device that includes limited Certification Authority (CA) functionality to issue certificates for the purpose of providing network security services on the underlying plaintext.


The PP-Module may be found here: https://www.niap-ccevs.org/Profile/PP.cfm

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1222

  NIAP Progress Report - Second Quarter 2019 (27 August 2019)

See the NIAP Second Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1221

  Call for Participants in WIDS Technical Community (02 August 2019)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of the Technical Community (TC) for the update of the Wireless Intrusion Detection System (WIDS) Extended Package.  Members of this TC are expected to provide technical input to update requirements that need more clarity and support the development of additional requirements to align with the Capability Package (CP) Annex for WIDS in support of wireless monitoring efforts.

 

Please note: If you are already a member of this Technical Community, there is no need to re-apply.
 
All interested parties should contact NIAP/CCEVS at tc-wids-staff@niap-ccevs.org, providing the information listed below for each potential participant:

    Name
    Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
    Telephone number
    Email address
    A brief statement of the qualifications for participation in the TC

 

 

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1220

  PP-Module for File Encryption, Version 1.0 and PP-Module for File Encryption Enterprise Management, Version 1.0 (31 July 2019)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for File Encryption, Version 1.0 and PP-Module for File Encryption Enterprise Management, Version 1.0. The PP-Module for File Encryption replaces the Extended Package for Software File Encryption Version 1.0 and includes Technical Decisions (TDs) resulting from prior completed evaluations and other updates. The PP-Module for File Encryption Enterprise Management expands the File Encryption use case to protecting the communications between the Enterprise Management Server and the client device and includes optional abilities of the EM to interact with clients (with proper authorization).


The PP-Modules may be found here: https://www.niap-ccevs.org/Profile/PP.cf

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1219

  Peripheral Sharing Device Protection Profile, Version 4.0 Published (19 July 2019) (19 July 2019)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Peripheral Sharing Device (PSD) Protection Profile (PP), Version 4.0 and its five associated PP-Modules: PP-Module for Audio Input Devices, Version 1.0; PP-Module for Analog Audio Output Devices, Version 1.0; PP-Module for Keyboard/Mouse Devices, Version 1.0, PP-Module for User Authentication Devices, Version 1.0; and PP-Module for Video/Display Devices, Version 1.0. The PSD PP separates each supported Peripheral Device into its own PP-Module; adds support for audio input devices; updates requirements for isolators, combiners, and wired remote controllers; improves testing; and incorporates Technical Decisions resulting from prior completed evaluations. These may be found here: https://www.niap-ccevs.org/Profile/PP.cfm.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1218

  Call for Participants for Video/Voice over IP Technical Community (28 June 2019)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the Extended Package (EP) for Video/Voice over IP (VVoIP).  Members of this TC are expected to provide technical input to update the EP to include requirements for Peer to Peer (P2P).

Please note: If you are already a member of this Technical Community, there is no need to re-apply.
 
All interested parties should contact NIAP/CCEVS at tc-vvoip-staff@niap-ccevs.org, providing the information listed below for each potential participant:

  • Name
  • Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
  • Telephone number
  • Email address
  • A brief statement of the qualifications for participation in the TC


NIAP plans to hold the Kick-Off meeting on 16 July 2019 at 1100 Eastern. We look forward to your participation!

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann218

  General Pupose Operating Systems, Version 4.2.1 Published (01 May 2019)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) has posted the General Purpose Operating System Protection Profile (GPOS PP), Version 4.2.1. This minor version has been published solely to address issues identified as a result of the evaluation of the GPOS PP, Version 4.2 . The only changes made were typographical errors related to the CC conventions for indicating assignments, selections, and refinements and updates for incomplete SFR mappings to objectives and their rationale. No additional changes were made and all Technical Decisions published for GPOS PP V4.2 have been updated to apply to this V4.2.1. The Configuration Annex also remains unchanged.  Given the minimal changes, this version replaces Version 4.2 which has been sunset, effective immediately.

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann216

  Call for Participants for Software Defined Network (SDN) Controller Technical Community (01 May 2019)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the development of a Protection Profile for Software Defined Network (SDN) Controller. Members of this TC are expected to provide technical input to the development of a Protection Profile for a baseline set of Security Functional Requirements (SFRs) for products that implement SDN Controller.

 

All interested parties should contact NIAP/CCEVS at tc-sdn-staff@niap-ccevs.org, providing the information listed below for each potential participant: 

 

 Name 

 

 Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)  

 

 Telephone number 

 

 Email address 

 

 A brief statement of the qualifications for participation in the TC

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann217

  NIAP Progress Report - First Quarter 2019 (29 April 2019)

See the NIAP First Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann215

  MDM PP, Version 4.0 and MDM Agent PP-Module, Version 1.0 Published (25 April 2019)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile (PP) for Mobile Device Management (MDM), Version 4.0 and PP-Module for MDM Agent Version 1.0. The MDM PP updates included Technical Decisions (TDs) resulting from prior completed evaluations, incorporation of the TLS Functional Package, the addition of an equivalency section, and cloud interoperability. The MDM Agent changes included conversion to PP-Module format, incorporation of TDs, and changes to align with the updated MDM PP V4.0  These may be found here: https://www.niap-ccevs.org/Profile/PP.cfm

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann214

  NIAP Endorses NDcPP v2.1 (12 March 2019)

NIAP has endorsed the Network Device collaborative Protection Profile v2.1 (NDcPP v2.1) and published the cPP and Supporting Documents to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the ND cPP that demonstrate exact conformance to the cPP, and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List. This version succeeds Version 2.0E which will sunset effective 10 September 2019. 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann212

  NIAP 2018 Report (01 March 2019)

See the 2018 NIAP Annual Report to learn about NIAP 2018 accomplishments and activities.  Read the report here

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann213

  Application Software v1.3 Protection Profile Published (01 March 2019)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Application Software, Version 1.3. The PP updates include Technical Decisions resulting from prior completed evaluations, incorporation of the TLS Functional Package, and the addition of an equivalency section. This PP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?PPID=429&id=429

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann210

  Functional Package for Transport Layer Security (TLS) Version 1.1 Published (01 March 2019)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Functional Package for Transport Layer Security (TLS) Version 1.1. This minor version update is limited to clarifications regarding override for invalid certificates, renegotation_info extension, DTLS versions, and named Diffie-Hellman groups in DTLS contexts. Given the minimal changes, this version replaces Version 1.0 which has been sunset, effective immediately. As new and updated PPs/PP-Modules are published, they will make use of this TLS package, where applicable.

 

 Please follow this link for more information: https://www.niap-ccevs.org/Profile/Info.cfm?PPID=439&id=439

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann211

  FDE EE cPP v2.0 and FDE AA cPP v2.0 Erratas Published (07 February 2019)

The Full Drive Encryption (FDE) international Technical Community (iTC) has published Errata versions of the FDE Encryption Engine (EE) Collaborative Protection Profile (cPP) v2.0, FDE EE Supporting Document (SD) v2.0,  FDE Authorization Acquisition (AA) cPP v2.0, and FDE AA SD v2.0. The Errata versions replace the v2.0 documents with immediate effect. Therefore, NIAP has published the Errata versions and archived the FDE EE cPP v2.0, FDE EE SD v2.0, FDE AA cPP v2.0, and FDE AA SD v2.0.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann209

  Functional Package for Transport Layer Security (TLS) Version 1.0 Published (17 December 2018)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Functional Package for Transport Layer Security (TLS) Version 1.0. As new and updated PPs/PP-Modules are published, they will make use of this TLS package, where applicable.

 

Please follow the below link for more information:

 

https://www.niap-ccevs.org/Profile/Info.cfm?PPID=426&id=426

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann208
Site Map              Contact Us              Home